Техническая информация
- '%TEMP%\bbfcabfecbhi.exe' 1-4-7-0-8-9-1-1-8-8-5 LkxCRDUnHy5LTT1PRT09KBcuTT1MUk5OREk8NC8fJzxEUlBCRDUnHy47QT88LBkvSElOQ007T15FPT0oFy5SPUpRRE5YVUpDPGdsbGs5KyhzXWl1LWxgYCxdaXAlW2BzWSZkbWJoICc6S0g7Q0RDORkvPCg8LCkYKkMuNi0pFy5DKzUoMBwoRCw0LDAYJz80OSYxGCZPUUc8UEJQWFBKQFVAO1E4HytJUkc7VEJMV0BUSDo9GCZPUUc8UEJQWE45REQ8GCdAV0FYVUpDPB8nPVNEWzxNPENITT01Gy5ESFNMVkFRR09ORE42MhgmU0c5RkZYS05fTUlLPBgnUUw5KyAnO1IwNRgqUVFHVEFERF5PPUdCS0ZFQURARj1NTUs5GS9BSl5RTUZPSEk+PWxpdGQYJ01EUE5SRkBNRldNTkROWEQ5UFI8KhgqR0U9RVA0MB8nQU5eQFJOOURIQlc9SUJOUlBMPEM8XllncmEZLzxGVk1ERzxDW0JQNS01LSkoLS0yJzEuJx8uTEFIRDkqNCooMjApLi4wHChER05NS0c5P15QQk09NDAuKS0qMSwqNSIvOTMvMiwwJjpN
- '<SYSTEM32>\wbem\wmiadap.exe' /R /T
- '<SYSTEM32>\wbem\wmic.exe' /output:%TEMP%\81422972188.txt bios get serialnumber
- <SYSTEM32>\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof
- %TEMP%\tmp4.tmp
- %TEMP%\tmp5.tmp
- %TEMP%\81422972188.txt
- <SYSTEM32>\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof
- %TEMP%\tmp3.tmp
- %TEMP%\nsq2.tmp\raw.dll
- %TEMP%\insHv27.bbfcabfecbhi
- %TEMP%\bbfcabfecbhi.zip
- %TEMP%\insHv27.exe
- %TEMP%\nsq2.tmp\nsisunz.dll
- <SYSTEM32>\wbem\Performance\WmiApRpl.ini
- <SYSTEM32>\PerfStringBackup.TMP
- %TEMP%\tmp5.tmp
- %TEMP%\tmp3.tmp
- %TEMP%\tmp4.tmp
- %TEMP%\insHv27.exe в %TEMP%\bbfcabfecbhi.exe